lazarus group (4)

A cyberespionage campaign aimed at the aerospace and defense sectors, which installs data-gathering implants on victims' machines for surveillance and data exfiltration, may have been more sophisticated than previously thought.  Job and employment ads and postings have been the recent bait for unsuspecting victims.

The attacks, which targeted IP addresses belonging to internet service providers (ISPs) in Australia, Israel, Russia, and defense contractors based in Russia and India, involve

Cyber threat researchers have examined security incidents over the past several years that appear to connect North Korea's Lazarus Group with Russian-speaking attackers.  A recent analysis has examined reports from years of security incidents to pinpoint links between Lazarus Group, historically tied to North Korea, and Russian-speaking cybercriminals.

In a summary of his findings, Mark Arena, CEO of security firm Intel 471, holds two generally accepted assumptions: that Lazarus Group is tied to

Activity Summary - Week Ending 31 July 2020:

  • Red Sky Alliance observed 41 unique email accounts compromised with keyloggers
  • Analysts identified 43,115 connections from new unique IP addresses
  • 1,518 new IP addresses were discovered participating in various botnets
  • Taidoor remote access Trojan
  • Lazarus Attacks with Ransomware Worms
  • Baker Hughes still has Cyber issues
  • Hezbollah remains in the Top 5 Cyber Threat Actors
  • Oil moving Renewable & Green
  • Egypt and Greece signed a maritime agreement; Turkey

According to a recent article from Threatpost, the North Korea-linked APT known as Lazarus Group, also known by names such as the Guardians of Peace, Whois Team, Hidden Cobra and Zinc, has debuted an advanced, multipurpose malware framework, called MATA, to target Windows, Linux, and macOS operating systems.  Cyber threat investigators at Kaspersky have uncovered a series of attacks utilizing MATA (so-called because the malware authors themselves call their infrastructure MataNet), involving the